Пример #1
0
 /**
  * Budowanie uprawnień do formularzy
  *
  * @return Zend_Acl
  */
 public function getAcl()
 {
     $oddzial = ODDZIAL_ID;
     $profil = $this->getCurrentProfile();
     $aclProfileId = $profil ? $profil->id : 'none';
     $cm = $this->getBootstrap()->getResource('cachemanager');
     $cache = $cm->getCache('rolecache');
     $branch_name = is_numeric(ODDZIAL_ID) && ODDZIAL_ID > 0 ? '_' . ODDZIAL_ID : '';
     if (!($this->acl = $cache->load('form_acl_profile_' . $aclProfileId . $branch_name))) {
         $this->acl = new Base_Acl();
         $this->_groups = $all_groups = $grupy = $this->getGroups();
         $this->_roles = $all_roles = $role = $this->getRoles($profil);
         foreach ($grupy as $grupa) {
             $this->addAclRole($grupa, 'group');
         }
         $profil = $this->getCurrentProfile();
         foreach ($role as $rola) {
             $this->addAclRole($rola, 'role');
         }
         $tmp = $this->getResources(array('form', 'filter'));
         $rupModel = new GroupFormResource();
         $rup = $rupModel->fetchAll()->toArray();
         $up = $tmp['form']->toArray();
         $upArray = array();
         foreach ($up as $u) {
             $upArray[$u['id']] = $u;
             $module = $u['module'];
             $controller = $u['form_class'];
             $action = $u['form_element'];
             if ('*' == $controller) {
                 $resource = $this->buildResourceName('form', $module);
                 $parent = null;
             } elseif ('*' == $action) {
                 $resource = $this->buildResourceName('form', $module, $controller);
                 $parent = preg_replace('/\\.[_a-zA-Z]*$/', '', $resource);
             } elseif ('*' != $action and $action) {
                 $resource = $this->buildResourceName('form', $module, $controller, $action);
                 $parent = preg_replace('/\\.[_a-zA-Z]*$/', '', $resource);
             }
             if ($parent && !$this->acl->has($parent)) {
                 $this->acl->add(new Zend_Acl_Resource($parent), preg_replace('/\\.[_a-zA-Z]*$/', '', $parent));
             }
             if (!$this->acl->has($resource)) {
                 $this->acl->add(new Zend_Acl_Resource($resource), $parent);
             }
         }
         $acl_feed = array();
         foreach ($rup as $r) {
             $module = $upArray[$r['id_resource']]['module'];
             $controller = $upArray[$r['id_resource']]['form_class'];
             $action = $upArray[$r['id_resource']]['form_element'];
             $role = 'group_' . (int) $all_groups[$r['id_group']]['priority'] . "_" . $r['id_group'];
             if ('*' == $controller) {
                 $resource = $this->buildResourceName('form', $module);
             } elseif ('*' == $action) {
                 $resource = $this->buildResourceName('form', $module, $controller);
             } elseif ('*' != $action and $action) {
                 $resource = $this->buildResourceName('form', $module, $controller, $action);
             }
             if ($r['deny']) {
                 $this->acl->deny($role, $resource);
             } else {
                 $this->acl->allow($role, $resource);
             }
         }
         /**
          * Domyślnie allow na wszystkie formularze
          */
         $this->acl->allow(null, 'form:default');
         $rupModel = new RoleFilterResource();
         $rup = $rupModel->fetchAll()->toArray();
         $up = $tmp['filter']->toArray();
         $upArray = array();
         $resource = $this->buildResourceName('filter', 'default');
         if (!$this->acl->has($resource)) {
             $this->acl->add(new Zend_Acl_Resource($resource));
         }
         foreach ($up as $u) {
             $upArray[$u['id']] = $u;
             $filter = $u['id'];
             $resource = $this->buildResourceName('filter', 'default', $filter);
             $parent = $this->buildResourceName('filter', 'default');
             if (!$this->acl->has($resource)) {
                 $this->acl->add(new Zend_Acl_Resource($resource), $parent);
             }
         }
         $acl_feed = array();
         foreach ($rup as $r) {
             $filter = $upArray[$r['id_filter']]['id'];
             $role = 'role_' . (int) $all_roles[$r['id_role']]['priority'] . '_' . $r['id_role'];
             $resource = $this->buildResourceName('filter', 'default', $filter);
             if ($this->acl->hasRole($role)) {
                 $this->acl->allow($role, $resource);
             }
         }
         $cache->save($this->acl, 'form_acl_profile_' . $aclProfileId . $branch_name);
     }
     /**
      * Domyślnie deny na wszystkie filtry
      */
     $this->acl->deny(null, 'filter:default');
     $identity = Zend_Auth::getInstance()->getIdentity();
     $data = array();
     $roles = array();
     if (!$identity) {
         $defaultRole = $this->getDefaultRole();
         $data['roles'][] = $defaultRole;
     } else {
         if (!($data = $cache->load('user_data_' . $identity->id . '_profile_' . $aclProfileId . $branch_name))) {
             $profilModel = new Profile();
             $profil = $profilModel->fetchRow(array("id_user = {$identity->id}", "id_branch = {$oddzial}", 'ghost = false'));
             //                    $profil = $this->getCurrentProfile();
             if ($profil->id) {
                 $profil = $profil->toArray();
                 $profil['parents']['role'] = array();
                 $profil['parents']['group'] = array();
                 $profilRola = new ProfileRole();
                 $ru = $profilRola->fetchAll("id_profile = {$profil['id']}")->toArray();
                 foreach ($ru as $r) {
                     $roles[] = 'role_' . (int) $all_roles[$r['id_role']]['priority'] . '_' . $r['id_role'];
                     $profil['parents']['role'][] = array('id' => $r['id_role'], 'priority' => (int) $all_roles[$r['id_role']]['priority']);
                 }
                 $profilGrupa = new ProfileGroup();
                 $gu = $profilGrupa->fetchAll("id_profile = {$profil['id']}")->toArray();
                 foreach ($gu as $g) {
                     $roles[] = 'group_' . (int) $all_groups[$g['id_group']]['priority'] . "_" . $g['id_group'];
                     $profil['parents']['group'][] = array('id' => $g['id_group'], 'priority' => (int) $all_groups[$g['id_group']]['priority']);
                 }
                 $this->addAclRole($profil, 'profile');
             }
             $data['roles'] = $roles;
             $data['profil'] = $profil;
             $cache->save($data, 'user_data_' . $identity->id . '_profile_' . $aclProfileId . $branch_name);
         } else {
             // FROM CACHE
             if ($data['profil']['id']) {
                 $this->addAclRole($data['profil'], 'profile');
             }
         }
     }
     return $this->acl;
 }
Пример #2
0
 /**
  * Aktualizacja ról, które mają dostęp do filtra
  *
  * @param Base_Form_Abstract $form formularz z danymi do zapisania
  * @param integer $id id filtra
  * @return integer ilość poprawionych wierszy
  */
 public function shareFilter($form, $id)
 {
     $model = new RoleFilterResource();
     $values = $form->getValues();
     $model->getAdapter()->beginTransaction();
     $filters = $model->fetchAll('id_filter = ' . $id);
     foreach ($filters as $filter) {
         $filter->delete();
     }
     $ret = 0;
     try {
         foreach ($values as $role_id) {
             $tmp = $model->createRow(array('id_filter' => $id, 'id_role' => $role_id));
             $tmp->save();
             $ret++;
         }
         $model->getAdapter()->commit();
         $cm = Zend_Controller_Front::getInstance()->getParam('bootstrap')->getResource('cachemanager');
         $cache = $cm->getCache('rolecache');
         $cache->clean(Zend_Cache::CLEANING_MODE_ALL);
     } catch (Exception $e) {
         $model->getAdapter()->rollBack();
     }
     return $ret;
 }